Archive

Category Archives for "Network World Security"

What is Transport Layer Security (TLS)?

Despite the goal of keeping Web communications private, flaws in the design and implementation of Transport Layer Security have led to breaches, but the latest version – TLS 1.3 – is an overhaul that strengthens and streamlines the crypto protocol.What is TLS? TLS is a cryptographic protocol that provides end-to-end communications security over networks and is widely used for internet communications and online transactions. It is an IETF standard intended to prevent eavesdropping, tampering and message forgery. Common applications that employ TLS include Web browsers, instant messaging, e-mail and voice over IP.To read this article in full, please click here

What is WPA3? Wi-Fi security protocol strengthens connections

The Wi-Fi Alliance has introduced the first major security improvement to Wi-Fi in about 14 years: WPA3. The most significant additions to the new security protocol are greater protection for simple passwords, individualized encryption for personal and open networks, and even more secure encryption for enterprise networks.The original Wi-Fi Protected Access (WPA) standard was released back in 2003 to replace WEP, and the second edition of WPA came the year after. The third edition of WPA is a long-awaited and much-welcomed update that will benefit Wi-Fi industry, businesses, and the millions of average Wi-Fi users around the world—even though they might not know it.To read this article in full, please click here

What is WPA3? And some gotchas to watch out for in this Wi-Fi security upgrade

The Wi-Fi Alliance has introduced the first major security improvement to Wi-Fi in about 14 years: WPA3. The most significant additions to the new security protocol are greater protection for simple passwords, individualized encryption for personal and open networks, and even more secure encryption for enterprise networks.The original Wi-Fi Protected Access (WPA) standard was released back in 2003 to replace WEP, and the second edition of WPA came the year after. The third edition of WPA is a long-awaited and much-welcomed update that will benefit Wi-Fi industry, businesses, and the millions of average Wi-Fi users around the world—even though they might not know it.To read this article in full, please click here

What is a firewall? How they work and all about next-generation firewalls

A firewall is a network device that monitors packets going in and out of networks and blocks or allows them according to rules that have been set up to define what traffic is permissible and what traffic isn’t.There are several types of firewalls that have developed over the years, becoming progressively more complex over time and taking more parameters into consideration when determining whether traffic should or should not be allowed to pass. The most modern are commonly known as next-generation firewalls (NGF) and incorporate many other technologies beyond packet filtering.[ Also see What to consider when deploying a next generation firewall. | Get regularly scheduled insights by signing up for Network World newsletters. ] Initially placed at the boundaries between trusted and untrusted networks, firewalls are now also deployed to protect internal segments of networks, such as data centers, from other segments of organizations’ networks.To read this article in full, please click here

Right-to-repair smartphone ruling loosens restrictions on industrial, farm IoT

Last week, the tech press made a big deal out of a ruling by the Librarian of Congress and the U.S. Copyright Office to allow consumers to break vendors’ digital rights management (DRM) schemes in order to fix their own smartphones and digital voice assistants. According to The Washington Post, for example, the ruling — which goes into effect Oct. 28 — was a big win for consumer right-to-repair advocates. To read this article in full, please click here

The best enterprise level firewalls: Rating 10 top products

You know you need to protect your company from unauthorized or unwanted access. You need a network-security tool that examines the flow of packets in and out of the enterprise, governed by rules that decide whether that flow is safe, malicious or questionable and in need of inspection. You need a firewall.Recognizing that you need a firewall is the first – and most obvious -- step. The next crucial step in the decision-making process is determining which firewall features and policies best-suit your company’s needs.Today’s enterprise firewalls must be able to secure an increasingly complex network that includes traditional on-premises data center deployments, remote offices and a range of cloud environments. Then you have to implement and test the firewall once it's installed. Perhaps the only element more complex than configuring, testing and managing a next-generation firewall is the decision-making process regarding which product to trust with your enterprise security.To read this article in full, please click here(Insider Story)

ICANN’s internet DNS security upgrade apparently goes off without a glitch

So far, so good. That’s the report from Internet Corporation for Assigned Names and Numbers (ICANN) as it rolled out the first-ever changing of the cryptographic key that helps protect the internet’s address book – the Domain Name System (DNS) on Oct. 11.The change is central to ICANN’s project to upgrade the top pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol — commonly known as the root zone key signing key (KSK) — which secures the internet's foundational servers. This so-called root KSK rollover from the 2010 KSK to the 2017 KSK was supposed to take place almost a year ago but was delayed until Oct. 11 of this year because of concerns it might disrupt internet connectivity to significant numbers of web users.To read this article in full, please click here

IDG Contributor Network: Identity awareness: it’s more than just a packet

It was about 20 years ago when I plugged my first Ethernet cable into a switch. It was for our new chief executive officer. Little did she know that she was about to share her traffic with most others on the first floor. At that time being a network engineer, I had five floors to be looked after.Having a few virtual LANs (VLANs) per floor was a common design practice in those traditional days. Essentially, a couple of broadcast domains per floor were deemed OK. With the VLAN-based approach, we used to give access to different people on the same subnet. Even though people worked at different levels but if in the same subnet, they were all treated the same.To read this article in full, please click here

Cisco sets $2.3B deal for unified access, multi-factor authentication security firm Duo

Cisco said today it had closed the $2.35 billion deal it made for network identity, authentication security company Duo.According to Cisco, Duo’s zero-trust security model authorizes secure connections to all applications based on the trustworthiness of users and devices. Duo’s cloud-delivered technology lets IT professionals set and enforce risk-based, adaptive access policies and get enhanced visibility into users’ devices and activities. As more devices come onto the network remotely this issue takes on more importance.“Outdated devices are particularly vulnerable to being compromised, which can easily spiral into a full-blown, major breach,” wrote Richard Archdeacon, Duo Advisory CISO about a recent Duo study on remote access security. “Organizations don’t necessarily need to block individuals from using their personal devices, but they do need to re-shape their security models to fit these evolving working practices. … If you don’t know what’s connecting to the network, how can you protect data from being compromised?"To read this article in full, please click here

Cisco unearths 13 ‘High Impact’ IOS vulnerabilities you need to patch now

Cisco today exposed 13 vulnerabilities in its IOS and IOS XE switch and router operating software that the company said should be patched as soon as possible.The vulnerabilities were detailed in Cisco’s twice-yearly dump of IOS exposures. All have a High Impact security rating, and fixes should be evaluated by users quickly.[ Also see Invaluable tips and tricks for troubleshooting Linux. ] The company said this particular batch of issues could let an attacker gain elevated privileges for an affected device or cause a denial of service (DoS) on an affected device.To read this article in full, please click here

Apple’s dropping Back To My Mac Remote Access. Here’s an Alternative, Currently Discounted.

Apple is dropping the Back To My Mac remote access feature, and in a recent support document they urge you to be prepared by looking for alternatives.RemotePC by iDrive is a full-featured remote access solution that lets you connect to your work or office computer securely from anywhere, and from any iOS or Android device. Right now, their 50 computer package is 90% off or just $6.95 for your 1st year. So if you need an alternative to Back To My Mac, or have been thinking about remote access, now is a good time to consider RemotePC. Learn more about it here.To read this article in full, please click here

ICANN sets plan to reinforce internet DNS security

In a few months, the internet will be a more secure place. That’s because the Internet Corporation for Assigned Names and Numbers (ICANN) has voted to go ahead with the first-ever changing of the cryptographic key that helps protect the internet’s address book – the Domain Name System (DNS). [ Now see: The hidden cause of slow internet and how to fix it. ] The ICANN Board at its meeting in Belgium this week, decided to proceed with its plans to change or "roll" the key for the DNS root on Oct. 11, 2018. It will mark the first time the key has been changed since it was first put in place in 2010.To read this article in full, please click here

IDG Contributor Network: Visibility is key for devops and the hybrid cloud

Cloud has undoubtedly become a key component of successful business in recent years, especially when you consider the race to digitally transform. Across the globe, companies are moving their applications and services to the cloud and are consequently reaping the benefits of lower capex and opex as a result.However, with this process, cloud migration is only a beginning for any organization’s digital transformation (DX) journey. If harnessed correctly, cloud is a pillar of innovation for DX, and can be a driving force for new business models and use cases that – even a few years ago – weren’t possible. No one knows this better than devops teams; these teams hold the line when it comes to continuous delivery and deployment, and it therefore stands to reason that devops play a crucial role in the digital transformation journey. In practice however, the decision makers in charge of cloud strategies are rarely those in the bowels of the ship.To read this article in full, please click here

What to expect when the internet gets a big security upgrade

Ready or not, the upgrade to an important internet security operation may soon be launched. Then again, it might not.The Internet Corporation for Assigned Names and Numbers (ICANN) will meet the week of Sept. 17 and will likely decide whether or not to give the go ahead on its multi-year project to upgrade the top pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol — commonly known as the root zone key signing key (KSK) — which secures the Internet's foundational servers.[ RELATED: Firewall face-off for the enterprise ] Changing these keys and making them stronger is an essential security step, in much the same way that regularly changing passwords is considered a practical habit by any Internet user, ICANN says. The update will help prevent certain nefarious activities such as attackers taking control of a session and directing users to a site that for example might steal their personal information.To read this article in full, please click here

1 2 3 285